\subsection{Construction of finite fields}
Every finite field has characteristic \( p > 0 \), and so it can be regarded as a field extension of \( \mathbb F_p \).
We will classify every finite field and study their Galois theory.
Recall that, for a finite field \( F \) of characteristic \( p \),
\begin{enumerate}
	\item \( \abs{F} = p^n \), where \( [F : \mathbb F_p] = n \);
	\item \( F^\times \) is cyclic, of order \( p^n - 1 \);
	\item The Frobenius automorphism \( \varphi_p \colon F \to F \) given by \( x \mapsto x^p \) is an automorphism of \( F \).
\end{enumerate}
\begin{theorem}
	Let \( p \) be a prime, and \( n \geq 1 \).
	Then there is a finite field with \( q = p^n \) elements.
	Any such field is a splitting field of the polynomial \( f = T^q - T \) over \( \mathbb F_p \).
	Since splitting fields are unique up to \( \mathbb F_p \)-isomorphism, any two finite fields of the same order are isomorphic.
\end{theorem}
\begin{proof}
	Let \( F \) be a field with \( q = p^n \) elements.
	Then if \( x \in F^\times \), \( x^{q-1} = 1 \).
	Hence, for all \( x \in F \), \( x^q = x \).
	In particular, \( f \) has \( q \) distinct roots in \( F \), which are all of the elements of \( F \).
	So \( f \) splits into linear factors in \( F \), and not in any proper subfield, so \( F \) is indeed a splitting field for \( f \) as required.

	Now, we wish to explicitly construct such a field.
	Let \( L \) be a splitting field for \( f = T^q - T \) over \( \mathbb F_p \).
	Let \( F \subseteq L \) be the fixed field of \( \varphi_p^n \), the map \( x \mapsto x^q \).
	So \( F \) is the set of roots of \( f \) in \( L \).
	So \( \abs{F} = q \).
	Therefore, \( L = F \) because \( F \) has \( q \) elements, using the above argument.
\end{proof}
Now that we have shown isomorphism, we simply write \( \mathbb F_q \) for any finite field of \( q \) elements.
There is no canonical finite field of a given order in general.

\subsection{Galois theory of finite fields}
\begin{theorem}
	The extension \( \mathbb F_{p^n} / \mathbb F_p \) is Galois, and the Galois group is cyclic of order \( n \), generated by the Frobenius automorphism \( \varphi_p \).
\end{theorem}
\begin{proof}
	Since \( \mathbb F_{p^n} \) is the splitting field of the separable polynomial \( T^{p^n} - T \), the extension is Galois.
	Let \( G \leq \Gal(\mathbb F_{p^n} / \mathbb F_p) \) be the subgroup generated by \( \varphi_p \).
	Then \( \mathbb F_{p^n}^G = \qty{x \mid x^p = x} = \mathbb F_p \), so by the Galois correspondence, \( G \) must be the entire group \( \Gal(\mathbb F_{p^n} / \mathbb F_p) \).
\end{proof}
\begin{theorem}
	\( \mathbb F_{p^n} \) has a unique subfield of order \( p^m \) for all \( m \mid n \), and no others.
	If \( m \mid n \), then \( \mathbb F_{p^m} \subseteq \mathbb F_{p^n} \) is the fixed field of \( \varphi_p^m \).
\end{theorem}
\begin{proof}
	By the Galois correspondence, it suffices to check the subgroups of \( \faktor{\mathbb Z}{n\mathbb Z} \).
	The subgroups of \( \faktor{\mathbb Z}{n\mathbb Z} \) are \( \faktor{m\mathbb Z}{n\mathbb Z} \) for \( m \mid n \).
	Hence, the subfields of \( \mathbb F_{p^m} \) are the fixed fields of the subgroups \( \genset{\varphi_p^m} \), which have degree equal to the indices \( \qty(\faktor{\mathbb Z}{n\mathbb Z} : \faktor{m\mathbb Z}{n\mathbb Z}) = m \).
\end{proof}
\begin{remark}
	If \( m \mid n \), \( \Gal(\mathbb F_{p^n} / \mathbb F_{p^m}) = \genset{\varphi_p^m} \), which has order \( \frac{n}{m} \).
\end{remark}
\begin{theorem}
	Let \( f \in \mathbb F_p[T] \) be separable, and let \( n = \deg f \).
	Suppose the irreducible factors of \( f \) have degrees \( n_1, \dots, n_r \), so \( \sum_{i=1}^r n_i = n \).
	Then \( \Gal(f/\mathbb F_p) \subseteq S_n \) is cyclic and generated by an element of cycle type \( (n_1, \dots, n_r) \).
	In particular, \( \abs{\Gal(f/\mathbb F_p)} \) is the least common multiple of the \( n_i \).
\end{theorem}
Recall that \( \pi \in S_n \) has cycle type \( (n_1, \dots, n_r) \) if it is a product of \( r \) disjoint cycles \( \pi_i \), each with length \( n_i \).
\begin{proof}
	Let \( L \) be a splitting field for \( f \) over \( \mathbb F_p \).
	Consider \( x_1, \dots, x_n \in L \).
	Then \( \Gal(L/\mathbb F_p) \) is cyclic and generated by \( \varphi_p \).
	As the irreducible factors \( g_i \) of \( f \) are the minimal polynomials of the \( x_i \), and the roots of the minimal polynomial of \( x_i \) are precisely the orbit of \( \varphi_p \) on \( x_i \), the cycle type must be as required.
	The order of any such permutation is the lowest common multiple of the lengths of the cycles.
\end{proof}

\subsection{Reduction modulo a prime}
\begin{theorem}
	Let \( f \in \mathbb Z[T] \) be a monic separable polynomial with \( \deg f = n \), and let \( p \) be a prime.
	Suppose that the \emph{reduction} \( \overline f \in \mathbb F_p[T] \) of \( f \) is also separable.
	Then \( \Gal(\overline f / \mathbb F_p) \leq \Gal(f/\mathbb Q) \) as subgroups of \( S_n \).
\end{theorem}
\begin{remark}
	The identification of \( \Gal(f/\mathbb Q) \) with a subgroup of \( S_n \) depends on the choice of ordering of the roots of \( f \).
	Choosing a different ordering corresponds to conjugation of \( \Gal(f/\mathbb Q) \) in \( S_n \).
	The meaning of the statement \( \Gal(\overline f/\mathbb F_p) \leq \Gal(f/\mathbb Q) \) therefore means that \( \Gal(\overline f/\mathbb F_p) \) is conjugate to a subgroup of \( \Gal(f/\mathbb Q) \) in \( S_n \), not that it is exactly a subgroup.
\end{remark}
The following proof is based in algebraic number theory; alternatives are available.
The proof is not examinable.
\begin{proof}
	Let \( L = \mathbb Q(x_1, \dots, x_n) \) be a splitting field for \( f \), where the \( x_i \) are the roots of \( f \).
	Let \( N = [L:\mathbb Q] \).
	Consider \( R = \mathbb Z[x_1, \dots, x_n] \).
	Since \( f(x_i) = 0 \) and \( f \) is monic, every element of \( R \) is a \( \mathbb Z \)-linear combination of \( x_1^{a_1}, \dots, x_n^{a_n} \) where the \( a_i < n \) by using \( f \) to reduce the degrees.
	So \( R \) is finitely-generated as a \( \mathbb Z \)-module, or equivalently, as an abelian group.
	\( R \) is contained inside \( L \simeq \mathbb Q^N \).
	\( R \) is torsion-free, so \( R \simeq \mathbb Z^M \) with \( M \leq N \) (in fact, \( M = N \)).

	Then \( \overline R = \faktor{R}{pR} \) has \( p^M \) elements.
	Let \( \overline P \) be a maximal ideal for \( \overline R \), which corresponds to an ideal \( P \) of \( R \) that contains \( pR \).
	Then \( F = \faktor{R}{P} \simeq \faktor{\overline R}{\overline P} \) (by the isomorphism theorem) is a finite field with \( p^d \) elements for some \( d \).
	Since \( R \) is generated by \( x_1, \dots, x_n \), \( F \) is generated by \( \overline x_1, \dots, \overline x_n \), where \( \overline x_i = x_i + P \in F \).
	In particular, \( \overline f = \prod_{i=1}^n (T - \overline x_i) \).
	Since \( \overline f \) is separable, the \( \overline x_i \) are distinct, and \( F \) is a splitting field for \( \overline f \).

	Let \( G = \Gal(f/\mathbb Q) \).
	Then \( G \) maps \( R \) to \( R \) since it permutes the \( x_i \).
	Let \( H \leq G \) be the stabiliser of \( P \), so \( H = \qty{\sigma \in G \mid \sigma P = P} \).
	Since \( H \) fixes \( P \), \( H \) acts on the quotient \( \faktor{R}{P} = F \), and it permutes the \( \overline x_i \) in the same way as it permutes the \( x_i \).
	In particular, there is an injective homomorphism from \( H \) into \( \Gal(F/\mathbb F_p) \).
	It now suffices to show that this homomorphism is an isomorphism.

	Let \( \qty{P = P_1, P_2, \dots, P_r} \) be the orbit of \( P \) under \( G \), so \( P_i = \sigma P \) for some \( \sigma \in G \).
	These are all maximal ideals since \( P \) is, and \( \faktor{R}{P_i} \simeq \faktor{R}{P} \) so each \( \faktor{R}{P_i} \) have \( p^d \) elements.
	The \( P_i \) are maximal, so \( P_i + P_j = R \) if \( i \neq j \).
	So by the Chinese remainder theorem for rings,
	\[ \faktor{R}{(P_1 \cap \dots \cap P_k)} \simeq \faktor{R}{P_1} \times \dots \times \faktor{R}{P_r} \]
	As \( p \in P_1 \), \( pR \subseteq P_1 \cap \dots \cap P_r \).
	So
	\[ p^N \geq p^M = \abs{\faktor{R}{pR}} \geq \abs{\faktor{R}{(P_1 \cap \dots \cap P_r)}} = \prod_{i=1}^r \abs{\faktor{R}{P_i}} = p^{rd} \implies N \geq rd \]
	Now, by the orbit-stabiliser theorem, \( r = (G : H) = \frac{N}{\abs{H}} \).
	Since \( H \) injects into \( \Gal(F/\mathbb F_p) \), we have \( \abs{H} \leq d \) with equality if and only if the injection is an isomorphism.
	So \( N \leq rd \), but since \( N \geq rd \), we must have \( N = rd \), so the injection is an isomorphism, and \( H \simeq \Gal(\overline f/\mathbb F_p) \).
\end{proof}
\begin{corollary}
	Let \( f \in \mathbb Z[T] \) be monic and separable with \( p \) a prime such that \( \overline f \in \mathbb F_p[T] \) is separable.
	Consider the factorisation into irreducibles \( \overline f = g_1 \dots g_r \in \mathbb F_p[T] \), where \( \deg g_i = n_i \).
	Then \( \Gal(f/\mathbb Q) \) contains an element of cycle type \( (n_1, \dots, n_r) \).
\end{corollary}
\begin{proof}
	Combine the previous two theorems.
\end{proof}
\begin{example}
	Let \( f = T^4 - 3T + 1 \).
	Consider \( p = 2 \).
	In \( \mathbb F_2 \), \( f = T^4 + T + 1 \).
	This does not have a root, and not divisible by \( T^2 + T + 1 \) which is the only irreducible quadratic, so it is irreducible.

	Now, consider \( p = 5 \).
	In \( \mathbb F_5 \), \( f = (T+1)(T^3 - T^2 + T + 1) \), which is a factorisation into irreducibles.

	By the above corollary, \( \Gal(f/\mathbb Q) \) has a 4-cycle and a 3-cycle.
	In particular, \( 12 \mid \abs{\Gal(f/\mathbb Q)} \), so the group is either all of \( S_4 \) or it is \( A_4 \), as this is the unique index 2 subgroup of \( S_4 \).
	But 4-cycles are odd, so do not lie in \( A_4 \).
	So \( \Gal(f/\mathbb Q) = S_4 \).

	Note that if \( \overline f \) is separable, \( \mathrm{Disc}(\overline f) \neq 0 \), so \( p \nmid \mathrm{Disc}(\overline f) \) so \( f \) is separable.
	If \( f \) is separable, then \( \overline f \) is separable for all primes but the finite set of primes dividing \( \mathrm{Disc}(f) \).
\end{example}
\begin{remark}
	If \( \Gal(f/\mathbb Q) \) contains an element of cycle type \( (n_1, \dots, n_r) \), it can in fact be shown that there exist infinitely many primes \( p \) such that \( \overline f \) factors into irreducibles of degrees \( n_1, \dots, n_r \) in \( \mathbb F_p \).
	This is known as the Chebotarev density theorem, which is a generalisation of Dirichlet's theorem on primes in arithmetic progression.
	However, the proof is far outside the scope of this course.
\end{remark}
